18 Jul
2003
18 Jul
'03
08:20
On Wed, 16 Jul 2003, Francisco Acosta wrote: Hi, Interesting question, ethereal etc wont work AFAIK. I wrote a patch for the kernel to sniff unix sockets but it was some 2.4.14 or so. Better idea would maybe to intercept read() and write() via preload tricks. Sebastian
How can I trace passively, communications through unix named socket, in the same way that ethereal or tcpdump do it for TCP/UDP?.
-- ~ ~ perl self.pl ~ $_='print"\$_=\47$_\47;eval"';eval ~ krahmer@suse.de - SuSE Security Team ~